Advanced Technology International (ATI) is a nonprofit committed to our collaborative technology development model. Forming mutually beneficial relationships with our large business, small business, and academia partners is key to that model, as we strive for excellence in delivery of outstanding technology innovation outcomes to our customers.

This information is one means of providing effective engagement with all of our industry partners, including the opportunity to connect with small, minority-owned, women-owned, and veteran-owned small businesses interested in working with us.

Partnering with ATI

Obtaining a Unique Entity ID

All entities wishing to do business with the federal government must have a unique entity identifier (UEI). In order to register in the System for Award Management (SAM), an organization will first need to receive a Unique Entity ID.

Guide for Getting a Unique Entity ID

System For Award Management (SAM)

All companies desiring to do business with the Federal Government are required to have an active record on the Government’s System for Award Management (SAM).

SAM is the Official U.S. Government system that consolidated the capabilities of CCR/FedReg, ORCA and EPLS. There is NO fee to register.

ATI subcontractors and suppliers shall complete the Representations and Certifications in SAM.gov.

See How to Register in SAM for further information.

Obtaining A DD Form 2345 – Militarily Critical Technical Data Agreement

DD Form 2345 is required by U.S. contractors that wish to obtain access to unclassified technical data disclosing militarily critical technology with military or space application that is under the control of, or in the possession of the U.S. Department of Defense (DoD).

Many of ATI-managed consortia require prospective members to obtain a DD Form 2345. In order to obtain a DD Form 2345, an organization is required to have a Commercial and Government Entity (CAGE) code. An organization must register in the System for Award Management (SAM) in order to obtain a CAGE code. Lastly, in order to register in SAM, an organization will first need to receive a Unique Entity ID (UEI). Your business Tax ID number, bank account, bank routing number and business address are also necessary.

Click on the video image below to view ATI’s training on How to Obtain a DD Form 2345 Certification:

DD 2345 Video Play

How to obtain a DD Form 2345 (pdf document)

Small Business Requirements

It is the intent of ATI that small businesses are given the maximum practicable opportunity to compete for ATI purchases consistent with the efficient performance of our business. Each division in ATI will comply with the intent of the requirements set forth by FAR 52.219. Should your business meet any of the small business criteria listed, you are encouraged to contact [email protected] to be registered as a vendor with ATI and be considered for future purchases and business needs. For subcontracts that are subject to the Federal Acquisition Regulations, Small Business Classifications include (these are all self-certified classifications, except for the HUBZone):

  • Small Disadvantaged Business (SDB)
  • Woman Owned (WO)
  • HUBZone – (HUBZone Certification Application)
  • Veteran Owned (VO)
  • Service Disabled Veteran (SDVO)
  • Historically Black Colleges and Universities (HBCU)
  • Minority Institutions (MI)

For more information, please visit the following useful websites:

Representations and Certifications (Reps and Certs)

In accordance with FAR Subpart 4.12, ATI is prohibited from awarding a procurement funded under a U.S. Government contract unless the seller certifies it complies with certain U.S. Government policies and laws. In order to facilitate this requirement, your contracts or purchasing representative will verify your organization has active Representations and Certifications at SAM.gov.

Vendor Management

ATI maintains a database of all vendors, suppliers, and subcontractors who are and have done business with us. Please contact your contracts or purchasing representative to register as a new vendor or update previously submitted information as an existing member.

Vendor forms (including a W-9 Form, Electronic Funds Transfer Request Form and Vendor Questionnaire) can be provided to you via email for completion.

Invoicing and Prompt Payment

ATI’s standard payment terms are NET 30 days from the date an acceptable invoice is received. However, other payment terms may be negotiated with your contracts representative. Please refer to your subcontract agreement or purchase order for the applicable payment terms.

In order to facilitate prompt payment of invoices submitted to ATI, we ask that you please forward your invoices to [email protected].

Please refer to your subcontract agreement or purchase order for guidance on submitting an acceptable invoice.

Payment Inquiries may be directed to your ATI subcontract representative or [email protected].

Contracting

ATI is committed to providing procurement services of the highest quality to exceed the expectations of all of our business partners. We ensure that ATI agreements reflect the best value for our clients and partners. It is our goal to build long term, mutually favorable relationships with our suppliers, subcontractors, team members and clients based on trusthonesty, and candor.

We welcome your questions and feedback as we strive to achieve our goals.

Please contact us!

Ethics & Compliance

Ethics and Compliance

Ethics at ATI is more than mere compliance with the letter of the law; it is a commitment to uphold the spirit of ethical conduct. All ATI employees demand the highest standards of business conduct from ourselves and all ATI partners and suppliers. Our core values—integrity, passion, teamwork, excellence, and agility—drive our dealings with our partners and are the foundation for our success.

ATI maintains a comprehensive compliance program that meets the standards outlined in Section 8B2.1 of the U.S. Sentencing Guidelines and the Department of Justice memorandum on Evaluation of Corporate Compliance Programs, as well as industry best practices. For more information about our compliance program, contact:
Michelle Crawford
Compliance Officer
315 Sigma Drive
Summerville, SC  29486
843-760-4363
[email protected]

Supplier Code of Conduct

ATI has implemented a Supplier Code of Conduct, which outlines our expectations for the high ethical and compliance standards we require from our Suppliers.

The Supplier Code of Conduct is reflective of the standards for ATI Associates, Executives, Director, Partners, and Affiliates. ATI expects our suppliers, subcontractors, and vendors to not only comply with the ATI Supplier Code of Conduct but to also have their own Code of Conduct applicable to their organization and business operations.

Compliance Program Requirements

All organizations doing business with ATI are expected to have in place a comprehensive compliance program that meets the Department of Justice (DOJ) requirements for corporate compliance programs, detailed in Section 8B2.1 of the Federal Sentencing Guidelines and the DOJ memo on Evaluation of Corporate Compliance Programs.

Supplier compliance programs should include the following elements:

  1. Standards, Policies and Procedures
  2. Compliance Program Administration
  3. Communication, Education and Training
  4. Monitoring and Auditing
  5. Internal Reporting Systems
  6. Discipline for Non-Compliance
  7. Investigation and Remediation Measures

ATI Ethics and Compliance Hotline

ATI has implemented an Ethics and Compliance Hotline (in accordance with FAR Part 52.203-13) to serve as a reporting mechanism through which employees, agents, and third party vendors may report suspected instances of improper conduct.

The hotline is available 24/7/365, and all reports may be made anonymously or named at:

SAM is the Official U.S. Government system that consolidated the capabilities of CCR/FedReg, ORCA and EPLS. There is NO fee to register.

ATI subcontractors and suppliers shall complete the Representations and Certifications in SAM.gov.

See How to Register in SAM for further information.

Department Of Defense (DoD) Hotline

The mission of the DoD Hotline is to provide a confidential, reliable means to report violations of law, rule or regulation, mismanagement, gross waste of funds, abuse of authority and classified information leaks involving the Department of Defense; as well as the detection and prevention of threats and danger to the public health and safety of the Department and our Nation.

Anyone may file a complaint with the DoD Hotline at 1-800-424-9098 to report fraud, misuse and misrepresentation relating to DoD contract.

A report can also be made through the Fraud Waste and Abuse website.

Additional Ethics and Compliance Resources

For more information on adherence to laws and establishing effective Ethics and Compliance Programs, please visit the following websites.

Below is a list of Integrated Compliance Solutions providing online training, hotline services, policy management, reporting and analytics, and more:

2019 NDAA Section 889

Section 889 of the 2019 National Defense Authorization Act prohibits the federal government, government contractors, and grant and loan recipients from procuring or using certain “covered telecommunication equipment or services” that are produced by Huawei, ZTE, Hytera, Hikvision, and Dahua and their subsidiaries as a “substantial or essential component of any system, or as critical technology as part of any system.”  This section of the 2019 NDAA has two sections both of which are in effect as of August 13, 2020.

Sec. 889(a)(1)(A) required the federal government, as of August 13, 2019, to not “procure or obtain or extend or renew a contract to procure or obtain any equipment, system, or service that uses covered telecommunication equipment or services as a substantial or essential component of any system, or as critical technology as part of any system.”

Sec. 889(a)(1)(B), which is slated to go into effect on August 13, 2020, will prohibit the federal government from entering into or extending or renewing contracts with any entity that “uses any equipment, system, or service that uses covered telecommunication equipment or services as a substantial or essential component of any system, or as critical technology as part of any system.”

Section 889(a)(1)(A) and 889(a)(1)(B) are incorporated into the Federal Acquisition Regulation (FAR) as sections 52.204-24; 52.204-25; and 52.204-26.

The following links include additional information about Section 889 of the 2019 NDAA:

Cybersecurity

DFARS Rule Information

In October of 2016, DoD adopted a final rule amending the Defense Federal Acquisition Regulation (DFARS), which requires contractors to report on network penetrations. While the main elements of the DFARS Clause 252.204-7012 (Safeguarding Covered Defense Information and Cyber Incident Reporting) remain intact there have been several updates and clarifications. Subsequent amendments were made to enhance and clarify to original clause and add additional clauses to DFARS. The current version of the DFARS 252.204-7012 clause is available here.

Effective June 9, 2023, the DFARS was amended to include additional cyber provisions related to assessment requirements and Cybersecurity Maturity Model Certification (CMMC). The additional provisions are DFARS clause 252.204-7019, 252.204-7020 and 252.204-7021. The current version of those clauses are available here.

Cybersecurity Maturity Model Certification

The Cybersecurity Maturity Model Certification, or CMMC, is the next stage in the Department of Defense’s (DoD) efforts to properly secure the Defense Industrial Base (DIB). In the simplest of terms, the DoD announced in mid 2019 that it is creating a cybersecurity assessment model and certification program. On January 31st, 2020, DoD officials released CMMC 1.0 and subsequently made enhancements to CMMC 1.2 .

In November 2021, the Department announced CMMC 2.0, an updated program structure and requirements designed to achieve the primary goals of an internal review:

  • Safeguard sensitive information to enable and protect the warfighter
  • Dynamically enhance DIB cybersecurity to meet evolving threats
  • Ensure accountability while minimizing barriers to compliance with DoD requirements
  • Contribute towards instilling a collaborative culture of cybersecurity and cyber resilience
  • Maintain public trust through high professional and ethical standards

The CMMC combines various cybersecurity standards and best practices and maps these controls and processes across several maturity levels that range from basic to advanced cyber hygiene. For a given CMMC level, the associated controls and processes, when implemented, will reduce risk against a specific set of cyber threats.

The CMMC effort builds upon existing regulation (DFARS 252.204-7012) that is based on trust by adding a verification component with respect to cybersecurity requirements.

The goal is for CMMC to be cost-effective and affordable for small businesses to implement at the lower CMMC levels.

The intent is for certified independent 3rd party organizations to conduct audits and inform risk.

For additional information, please reference the DoD CIO’s website pertaining to CMMC and the CyberAB’s website.

CMMC Resources:

NIST 800-171 Assessment

The National Institute of Standards and Technology (NIST) guidelines 800-171 Revision 2 (Protecting Controlled Unclassified Information in NonFederal Information Systems and Organizations) were updated in February 2020. NIST 800-171 outlines a subset of the NIST 800-53 requirements. Detailed mapping is available in the NIST Special Publication 800-171 Revision 2, Appendix D, Tables D-1 through D-14, page 73. The NIST Cybersecurity Self-Assessment Handbook is for assessing NIST SP 800-171 Security Requirements in response to DFARS Cybersecurity Requirements.  In addition, DoD released assessment guidelines for CMMC at level 1 and level 2. Those guidelines can be found here.

DFARS 252.204-7019 Notice of NIST SP 800-171 DoD Assessment Requirements (NOV 2020) require all contractors, subject to implementation of the NIST SP 800-171 standard, have a current (completed within the past 3 years) DoD Assessment on record in the DoD’s Supplier Performance Risk System (SPRS). Contractors are encouraged to do a Basic Self-Assessment using the NIST 800-171 DoD Assesment Methodology and upload it into SPRS now, if they intend to respond to future solicitations where this assessment will likely be required prior to award.

Compliance Resources

The following is a list of resources to assist you in identifying areas that need improvement in your security requirements checklist. These resources may also provide assistance in becoming NIST 800-171 compliant.

Tips To Improve Cybersecurity

  • Train employees in security principles – have standards of protocol and behavior
  • Protect hardware, networks and information – update antivirus software
  • Create mobile device action plan – use password protection, encrypt data and use security apps on phones that have access to confidential information; establish reporting procedure for lost or stolen phones
  • Back up important data and information – back up documents and information to computers and to the cloud or offsite
  • Control physical access to computers – lock up laptops when unused; create user accounts for each employee; allow administrative privileges only to trusted IT staff and personnel
  • Secure Wi-Fi networks – make sure wireless is encrypted, SSID is hidden and networks have passwords
  • Use best practices with payment cards – work with banks and processors to set up anti-fraud services; do not use the same computer to process payments and surf the internet
  • Limit employee access and authority – give employees access only to the data systems necessary for their tasks; do not allow installation of software without permission
  • Require passwords and authentication – have employees use unique passwords and require them to change these passwords every three months; consider further authentication practices with additional information; check with vendors who handle sensitive information

Information Source: U.S. Small Business Administration.